Originally posted by: SystemAdmin

OK, I'm attempting to open up snmp on our aix system for monitoring and reporting.

From what I understand, these packages installed on aix expose snmp.

snmpd
hostmibd
dpid2
snmpmibd
aixmibd

Well, for some reason, I can't see cpu, disks, etc.. . I can see that standard snmp stuff, but anything extra is not exposed.

Does anyone have any ideas even where to begin to look to sort this problem out. AIX info on the net is all over the place and I can't find any faq's or configuration information.

Thanks in advance.

Kevin

Originally posted by: steevojb

Hi,

Take a look at net-snmp

http://net-snmp.sourceforge.net/

HTH

Steve

Originally posted by: SystemAdmin

In AIX 5, the following SNMP daemons can be used to make information available to clients.
snmpd
/usr/sbin/snmpd is a symbolic link to either the snmpdv1 daemon which supports only SNMP version 1, or to either the encrypted or non-encrypted version of the snmpdv3 daemon which supports SNMP version 3. For information about the snmpd daemon, please refer to the documentation of the appropriate version of the SNMP agent.
The SNMP daemon provides the following three functions:

Receiving and authenticating SNMP requests from network monitors.
Processing requests and returning results to the originating monitor.
Sending trap notification to all hosts listed in the configuration file.
snmpdv1 daemon
Starts the Simple Network Management Protocol (SNMP) version 1 agent as a background process.
snmpdv3 daemon
Starts the Simple Network Management Protocol (SNMP) version 3 agent as a background process.
hostmibd
The hostmibd command starts the hostmibd dpi2 sub-agent.
This daemon is used for some of the most basic AIX performance data.
dpid2
The dpid2 DPI-SMUX converter daemon complies with the standard Simple Network Management Protocol Distributed Protocol Interface Version 2.0.
dpid2 acts as a DPI® 2.0 to SMUX converter. It is used to allow DPI sub-agents, such as /usr/sbin/hostmibd, to talk with the AIX SNMP version 1 agent.

aixmibd
Provides the AIX® Enterprise Management Information Base (MIB) extension subagent, for use with the Simple Network Management Protocol (SNMP) version 3 agent, that collects data from system for variables defined in the AIX Enterprise Specific MIB.
One focus of the subagent is on the data related to the file systems, volume groups, logical volumes, physical volumes, paging space, processes, print queues, print jobs, system users, system groups, users currently logged in, subsystems, subservers, system environment, and various devices.

Another focus of the subagent is on important system traps.

For example, when the /home file system reaches the threshold 95% (percent used size), a trap can be generated to report the event to a manager.
Xmservd
Xmservd can show more detailed information. Xmservd comes with Performance Toolbox which must be purchased separately. Performance Toolbox Books have information on xmservd.

To use aixmibd, you need to modify /etc/snmpdv3.conf file. Because aixmibd managed MIBs are excluded by default.

The entry looks like this before changing

1. exclude aixmibd managed MIBs from the default view

VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - excluded -
Add "#" so that aixmibd managed MIBs will not be excluded, and the stop and restart the daemons. The changed file should now show:

1. exclude aixmibd managed MIBs from the default view

#VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191
Then stop and start snmpd and aixmibd by src commands. refresh command does not re-read the config file.

1. stopsrc -s aixmibd
2. stopsrc -s snmpd
3. startsrc -s snmpd
4. startsrc -s aixmibd

1. snmpinfo -v -m dump -c public hrProcessorLoad

hrProcessorLoad.1 = 20
hrProcessorLoad.2 = 20
hrProcessorLoad.3 = 19
hrProcessorLoad.4 = 19

Configuration files and parameters

/etc/hostmibd.conf: Defines the configuration parameters for hostmibd command.
/etc/mib.defs: Defines the Management Information Base (MIB) variables the SNMP agent and manager should recognize and handle
/etc/aixmibd.conf: Contains the configuration file for the aixmibd subagent.
/usr/samples/snmpd/aixmibd_security_readme: Contains the example configurations for different views and information about related security issues. Also contains information describing how to set the variables in /etc/aixmibd.conf.
/usr/samples/snmpd/aixmibd.my: Contains the MIB definitions for the aixmibd subagent.
/usr/samples/snmpd/hr.my: Contains more MIB definitions.
/etc/snmpd.conf: Specify smux peer entry in snmpd v1 agent configuration file.
/etc/snmpd.peers: Specify the configuration for smux peer.
/etc/clsnmp.conf: Configuration file for the clsnmp command.
/etc/snmpdv3.conf: Defines a sample configuration file for the snmpdv3 agent.

Originally posted by: SystemAdmin

OK,

I think I've set all that up. Here's a copy of my snmpdv3.conf. It seems that all the snmpd associaciated programs are starting, but all I can get out of the server doing

snmpwalk -c public -v 1 localhost .1

sys
snmp
enterprise
vcam
and some other snmp info

but I'm not getting

cpu
interfaces
drives
etc...

Any ideas?

VACM_GROUP group1 SNMPv1 public -
VACM_GROUP group1 SNMPv1 $private -
VACM_GROUP group1 SNMPv2c $private -

VACM_VIEW defaultView internet - included -

1. exclude snmpv3 related MIBs from the default view

VACM_VIEW defaultView snmpModules - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -

1. exclude aixmibd managed MIBs from the default view

VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -
VACM_VIEW defaultView system - included -
VACM_VIEW defaultView interfaces - included -
VACM_VIEW defaultView tcp - included -
VACM_VIEW defaultView icmp - included -
VACM_VIEW defaultView internet - included -
VACM_VIEW defaultView enterprises - included -

VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
VACM_ACCESS group1 - - noAuthNoPriv SNMPv2c defaultView - defaultView -

NOTIFY notify1 traptag trap -

TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - -

TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 public noAuthNoPriv -

COMMUNITY public public noAuthNoPriv 127.0.0.1 255.255.255.255 -
DEFAULT_SECURITY no-access - -

logging file=/usr/tmp/snmpdv3.log enabled
logging size=0 level=0

smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated
#snmpd smuxtimeout=200 #muxatmd
smux 1.3.6.1.4.1.2.3.1.2.3.1.1 muxatmd_password #muxatmd
smux 1.3.6.1.4.1.2.3.1.2.1.3 xmservd_pw #xmservd
smux 1.3.6.1.4.1.2.3.1.2.2.1.1.2 dpid_password #dpid

Originally posted by: SystemAdmin

I believe that your problem is caused by the way that you have defined "group1" in the VACM_GROUP and VACM_ACCESS sections. You have VACM_GROUP "group1" defined with 2 different versions of the SNMP protocol and 3 different community strings. You also have VACM_ACCESS for "group1" defined with 2 different SNMP versions.

You should define a different group name for each SNMP version, and also a different group name for each community string within a single version.

VACM_GROUP group1 SNMPv1 public -
VACM_GROUP group2 SNMPv1 $private -
VACM_GROUP group3 SNMPv2c $private -

VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
VACM_ACCESS group2 - - noAuthNoPriv SNMPv1 defaultView - defaultView -
VACM_ACCESS group3 - - noAuthNoPriv SNMPv2c defaultView - defaultView -

You need to determine where the link for /usr/sbin/snmpd is pointing, and change it to the desired version using the "/usr/sbin/snmpv3_ssw" command. The options passed to this command will reset the link to the desired version, and start the dpid2 daemon (version 1) or hostmibd daemon (version 3).

The hostmibd, snmpmibd and aixmibd daemons may be commented out within the /etc/rc.tcpip file. Note that these daemons all use "public" as their default community string; if you want to use a different community string you will have to specify it in /etc/rc.tcpip and/or the command line (which will make it visible within the output of the "ps" command). The specific command line options are outlined in the man pages. The dpid2 daemon is only used with the snmpdv1 daemon.

The post from JayTee outlines how to manually start and stop the daemons. The daemons should be started in the following order: snmpd, hostmibd, snmpmibd, aixmibd. Stop them in the reverse order

IBM has added a portion of the MIBs from the Performance Toolbox Product with AIX version 5.3, technology level 5. The perfagent.tools fileset has to be installed, and you need to be running the version 3 SNMP daemon (it can be running in version 1 non-encrypted mode - /usr/sbin/snmpd@ -> snmpdv3ne). You can access them by doing the following steps:

1. Edit the file /usr/lpp/perfagent/xmservd.res file and add the text "dosmux" on a line by itself (without the quotes).
2. Stop and start the SNMP daemon (stopsrc -s snmpd; startsrc -s snmpd). Check /usr/tmp/snmpdv3.log for any errors and correct them.
3. Run the command "topas -C" and let it run for several minutes. This will write startup and error information into /etc/perf/xmservdX.log (where X = a number). If the xmservd SMUX extension registered successfully, you should see a couple of lines similar to:

xm_smux_register called for subtree DDS/IBM
Successfully added IBM
xm_smux_register called for subtree DDS/IBM/XMservd
Successfully added XMservd

4. Issue a "kill -2" command against the process ID of the xmtopas process. This should generate a SNMP MIB file in /etc/perf/xmservd.mib. Edit the file and change the "" sign in the OBJECT-TYPE xmdNFSV3ClntReaddir and xmdNFSV3SvrReaddir+ to a text string.
5. Copy the original /etc/mib.defs to a backup (i.e. /etc/mib.defs-orig)
6. Compile the xmservd.mib file using the command:

mosy -o /tmp/xmservd.mib /etc/perf/xmservd.mib

7. Check the /etc/mib.defs for any entries that start with the text "xmd" and remove them. Append /tmp/xmservd.mib to /etc/mib.defs

cat /tmp/xmservd.mib >> /etc/mib.defs

8. Stop and restart the snmpd daeamon (stopsrc -s snmpd; startsrc -s snmpd)
9. You can now run SNMP queries for the xmd portion of the MIB tree

/usr/sbin/snmpinfo -v -m dump -c public -h localhost xmd

You will have to redo steps 3-8 any time that a kernel update is installed, and possibly if a networking one is installed. My experience has been that /etc/mib.defs usually gets overwritten when I have installed a new technology level or service pack.

Originally posted by: SystemAdmin

The xmtopas process that gets started by the "topas -C" command will eventually die on its own if it is not queried for data on a periodic basis.

Originally posted by: SystemAdmin

OK, Thanks for all the replies. I think I have the services starting correctly and reporting the correct information. I'm running into one problem though. When I run

snmpwalk -v 1 -c public localhost .1

I keep getting the error at a certain point.

SNMPv2-SMI::mib-2.12.2.1.2.3 = Hex-STRING: 00 00 00
SNMPv2-SMI::mib-2.12.2.1.3.1 = INTEGER: 0
SNMPv2-SMI::mib-2.12.2.1.3.2 = INTEGER: 0
SNMPv2-SMI::mib-2.12.2.1.3.3 = INTEGER: 0
Error in packet.
Reason: (genError) A general failure occured
Failed object: SNMPv2-SMI::mib-2.12.2.1.3.3
Otherwise, I think everything if working right, just without SNMP getting past this point, I'm not going to be able to generate performance graphs for the cpu cause I think that information in generated after this line, but it can't get any further because of the error.

Thanks

Keivn

Originally posted by: SystemAdmin

> snmpwalk -v 1 -c public localhost .1

AIX does not include a utility called "snmpwalk". Is this command actually running locally on the AIX host? If not, your earlier snmpdv3.conf file did not permit access for SNMP queries except from the localhost.

COMMUNITY public public noAuthNoPriv 127.0.0.1 255.255.255.255 -

Do you obtain any output when using the native AIX snmpinfo command? The following command should dump everything in the MIB tree (if using SNMP version 1 queries)

/usr/sbin/snmpinfo -v -m dump -c public -h localhost

Post the output of the command "ls -l /usr/sbin/snmpd" and the current contents of /usr/sbin/snmpdv3.conf.

Originally posted by: SystemAdmin

Dear DL,

OK snmpinfo isn't returning anything, but my snmpwalk returned the info I posted.

snmpinfo -v -m dump -c public -h localhost
No response
idn# ls -la /usr/sbin/snmpd
lrwxrwxrwx 1 root system 19 Aug 10 10:52 /usr/sbin/snmpd -> /usr/sbin/snmpdv3ne

Also my snmpdv3.conf is in the /etc directory

cat /etc/snmpdv3.conf
VACM_GROUP group1 SNMPv1 public -

VACM_VIEW defaultView internet - included -

1. exclude snmpv3 related MIBs from the default view

VACM_VIEW defaultView snmpModules - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -

1. exclude aixmibd managed MIBs from the default view

VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -

VACM_VIEW defaultView system - included -
VACM_VIEW defaultView interfaces - included -
VACM_VIEW defaultView tcp - included -
VACM_VIEW defaultView icmp - included -
VACM_VIEW defaultView enterprises - included -

VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -

NOTIFY notify1 traptag trap -

TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - -

TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 public noAuthNoPriv -

COMMUNITY public public noAuthNoPriv 192.168.199.60 255.255.255.0 -

DEFAULT_SECURITY no-access - -

logging file=/usr/tmp/snmpdv3.log enabled
logging size=0 level=0

smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated

smux 1.3.6.1.4.1.2.3.1.2.3.1.1 muxatmd_password #muxatmd
smux 1.3.6.1.4.1.2.3.1.2.2.1.1.2 dpid_password #dpid
Thanks alot in advance..
Kevin

Originally posted by: SystemAdmin

> Also my snmpdv3.conf is in the /etc directory
>
> COMMUNITY public public noAuthNoPriv 192.168.199.60 255.255.255.0 -

This will only allow SNMP queries using the community string of public from IP addresses in the 192.168.199.0 subnet. I would add a line for the localhost IP address also:

COMMUNITY public public noAuthNoPriv 127.0.0.1 255.255.255.255 -

You will need to stop and start the SNMP daemon after making any changes (stopsrc -s snmpd ; startsrc -s snmpd).

Check /usr/tmp/snmpdv3.log for any errors after starting the daemon.

Originally posted by: SystemAdmin

Dear DL,

OK, my bad. I've mostly been setting up SNMP to just be queried by the zenoss server. Wasn't even thinking why I couldn't do a snmpinfo on localhost.

The only thing I think I have left is figuring out this last error.

From our zenoss server, if I do a snmpwalk

snmpwalk -c public -v 1 idn-sxe .1

I get this result somewhere within the whole record
SNMPv2-SMI::mib-2.12.2.1.3.2 = INTEGER: 0
SNMPv2-SMI::mib-2.12.2.1.3.3 = INTEGER: 0
Error in packet.
Reason: (genError) A general failure occured
Failed object: SNMPv2-SMI::mib-2.12.2.1.3.3

This shows up in snmpdv3.log

08/10/07 09:59:12 PM - snmpd: 1473-134 send function failed; A file descriptor does not refer to an open file..
dpid2.log

8/10 21:59:12 dpid2 29878 (root ) smux_response: warning encode_SMUX_PDUs: Parsing problem: module SMI OBJID/class=UNIV/id=6 got UNIV/0
8/10 21:59:12 dpid2 29878 (root ) smux_wait: invalidOperation smux_wait: SMUX not opened

Originally posted by: SystemAdmin

You indicated in your Aug 10 posting that /usr/sbin/snmpd was a link to /usr/sbin/snmpdv3ne. The dpid2 daemon should not be running if this is still true. From the dpid2 manual pages,

>On AIX(R) release 5.2.0 and after, the snmpdv3 agent itself acts as a DPI2 >agent and listens on the dpiPortForTCP.0 TCP port. Therefore, dpid2 is not >needed when using the snmpdv3 agent. Therefore, the dpid2 daemon won't be >executed in the system startup and the dpid2 line in /etc/rc.tcpip will be >commented out.

Originally posted by: SystemAdmin

I am trying to integrate 5.3 into our ZenOSS monitoring system as well. Did you ever succeed in this?

Originally posted by: SystemAdmin

Still looking, I'll let you know.

If you have any additional information, please let me know.

Originally posted by: SystemAdmin

Dear All,

I am also facing the same issues. Please find the snmpdv3.conf file below. Please help me.

VACM_GROUP group1 SNMPv1 public -

VACM_VIEW defaultView internet - included -

1. exclude snmpv3 related MIBs from the default view

VACM_VIEW defaultView snmpModules - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.4 - included -
VACM_VIEW defaultView 1.3.6.1.6.3.1.1.5 - included -

1. exclude aixmibd managed MIBs from the default view

#VACM_VIEW defaultView 1.3.6.1.4.1.2.6.191 - included -

VACM_ACCESS group1 - - noAuthNoPriv SNMPv1 defaultView - defaultView -

NOTIFY notify1 traptag trap -

TARGET_ADDRESS Target1 UDP 127.0.0.1 traptag trapparms1 - - -

TARGET_PARAMETERS trapparms1 SNMPv1 SNMPv1 public noAuthNoPriv -

COMMUNITY public public noAuthNoPriv 192.168.100.141 255.255.255.0 -

COMMUNITY public public noAuthNoPriv 127.0.0.1 255.255.255.255 -
DEFAULT_SECURITY no-access - -

logging file=/usr/tmp/snmpdv3.log enabled
logging size=100000 level=0

smux 1.3.6.1.4.1.2.3.1.2.1.2 gated_password # gated

smux 1.3.6.1.4.1.2.3.1.2.3.1.1 muxatmd_password #muxatmd
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

I am not able to see any CPU, Network or Memory related information. Can someone help me. What am I doing wrong?